Yesterday, I wrote about the mystery of why spam was so bad at being spam and I claimed that it was a mystery that seemingly defied explanation. None of what I proposed as possible answers was really satisfying. In order to answer this question, I think you have to look further afield and ask some other interesting questions: “Why has there not been a non-pathetic foreign terrorist attempt on US soil since 9/11?” and “Why has there only been a handful of truly crippling computer viruses in the last 10 years”

Our first instinct is that such occurrences are rare because they are difficult. However, neither of these tasks actually are difficult. Two guys in a van managed to terrorize Washington DC for a month and no amount of security precautions could have prevented them from doing so. The Sasser worm was written “by someone that could barely get the code working” and attacked a security flaw that had been noted and patched months ago and other worms haven’t been much more sophisticated. Such things are not trivial but they aren’t of such herculean difficulty that would be sufficient to explain their rarity. Just why exactly isn’t there a legion of evil geniuses who are routinely executing the downfall of society?

An evil genius is anyone who is both a genius and evil where “Evil” encompasses everything from trolling to keying someone’s car to pedophilia, “Genius” is anything which evokes any degree of “huh, why didn’t I think of that?” or “That’s clever”. As a rough approximation, we assume that the number of evil geniuses can be calculated by multiplying the proportion of people who are geniuses with the proportion of people who are evil. But what I’ve noticed through looking at a huge range of diverse social systems is that evil geniuses exist at a stunningly lower frequency than this naive calculation would have us believe. The number of evil geniuses is so off base from the naive calculation that it indicates a our model of the world with regards to evil geniuses is unsalvagable and needs to be replaced, not just tweaked.

Such a claim has radical implications for the design of social systems as so much of our thinking about security, about design and about society is obsessed with preventing evil geniuses from wreaking havoc that we don’t even stop to notice that they aren’t.

Part of the reason we’re so obsessed with evil geniuses is because we think we know what they’re like: they’re just like us except they actually do the evil things we think about. Bruce Schneier, one of the most widely read security experts in the world writes about how

Uncle Milton Industries has been selling ant farms to children since 1956. Some years ago, I remember opening one up with a friend. There were no actual ants included in the box. Instead, there was a card that you filled in with your address, and the company would mail you some ants. My friend expressed surprise that you could get ants sent to you in the mail.

I replied: “What’s really interesting is that these people will send a tube of live ants to anyone you tell them to.”

- The Security Mindset

“Why golly”, the man with the Security Mindset says, “I’ve found a great way to exploit this system. It’s lucky I’m a good person because all that is stopping me from executing this exploit for my personal gain is my innate goodness.”

It’s easy to imagine a person who is just like me except without my innate goodness. As a result, it’s easy to design a system with defenses against such a mythical attacker. What we completely fail to notice is that, most of the time, such an attacker simply does not materialize. But even though evil geniuses might not be a major problem, evil behavior most definitely is and it’s in our best interests to design a system which is resilient to pathological actions such as trolling, flaming and abuse.

Our naive view of the world is that we mentally segment people out into “good people” and “bad people”. Good people are people like us and bad people are people like us, except without any morality. The work of Milgram and Zimbardo shows though that goodness is largely a property of circumstance and the more correct way of thinking about the world is that most people are ordinary people and there are good situations and bad situations. If evil people are inherently evil, then it’s easy to imagine an evil genius. However, if evil is a product of the situation, then maybe the reason there are no evil geniuses was because noone gave them permission to be evil geniuses. The reason why Milgram and and Zimbardo managed to cause people to become evil was by relying on authority to signal that such actions were permissible. Genius, by definition, cannot provide be provided such social proof because you’re doing something new and unexpected. Without such social proof, it’s very hard to create an evil situation and, as a result, evil genius is hard to come by.

Such a statement has radical implications for design: you can cause pathological behavior simply by putting in visible mechanisms to prevent pathological behavior. We look to social cues within the system to understand acceptable bounds of behavior and in certain cases, one could reason that if the designer spent so much time building safeguards against certain behaviors into the system, such behavior must be prevalent and thus, acceptable to experiment with. In some cases, the correct approach to obsessing about the security of a system is to leave the system deliberately unsecured so that it does not even occur to people to test the security.

The “No Evil Geniuses” hypothesis is a radically different way to think about the world and one I don’t even think I can completely justify. At the same time, after having looked at all of these disparate cases in which there simply isn’t any other good explaination, it’s one I’ve been increasingly forced to take. Whenever I’ve gone out on a hunt to spot a rich treasure trove of evil geniuses, I’ve never been able to find them. Maybe there’s a simpler, more coherent explaination for all of this but until I find it, I’m going to bill this the No Evil Geniuses Paradox.

  • Pingback: The no obnoxious rich people paradox « Bumblebee Labs Blog

  • http://t-a-w.blogspot.com/ Tomasz Wegrzanowski

    A related question is why there seem to be so few evil geniuses among existing conspiracies, like national security agencies, organized crime, militaries, “terrorists” etc.

    They can afford to hire geniuses. They have goals that are recognized as “evil” by many people outside their organization. They don't have that many moral qualms – they've all been known to kill random people if it suited their interests. So why don't they use evil geniuses more?

    Or perhaps they do, except they're so good it almost always stays secret. For example if CIA was responsible for protests in Iran, that would be an evil genius success, and they would obviously not want to talk about it.

    I think the problem is open.

  • Shalmanese

    I don't think they being overly competent is the correct explanation. It strikes me as far beyond the capabilities of any organization to pull that off consistently.

    I think your observation is an interesting avenue of speculation and I suspect the correct answer has to do with one or more of your assumptions not being valid.

    One thing to consider is that almost no organization regards *themselves* as evil. Terrorists think of themselves as freedom fighters, security agents think of themselves as patriots.

  • Pingback: The Lazy Evil Genius - Essays

  • Pingback: A real case of an evil genius « Bumblebee Labs Blog

  • _

    Mitnick?

  • http://g-a-i-a.org jazzmann91

    I’m guessing most geniuses end up becoming neutral, due to the revealing nature of understanding most everything. Good and Evil are creatures of ignorance, that even the smallest bit of genius will realize as irrelevant judgments.

  • Pingback: Quora

  • http://www.christianlouboutins-ireland.com lmjfengying36

     Christian Louboutin Shoes Loco could be a guy, you can subscribe only going to one of its standards for Internet sites – There is only one English and another is in French. Christian Louboutin Flats grew up in Paris, as one of the first of his career used the Folies Bergere. This was a great complement for him, because this is a famous traditional cabaret talk about the courage and innovation. This reflects its Louboutin shoe collection, miniature in its selection of Christian Louboutin Shoes Ireland for Barbie christianlouboutins-ireland.com .

    Christian Louboutin Ireland shoes with Barbie are occasional small creatures, and it could be considered to complete the layout of any type of clothing that you want to dress your Barbie, a beautiful glittering stilettos pumps some much more modest. to all those who have actually seen a pair of Louboutin shoes, genuine in his own flesh, is likely to roll, if you saw them, and then almost fainted in the price, but not so Christian Louboutin Sale for Barbie. Master layout of the shoe is a show with a selection of Barbie incredibly cheap, in particular, and among the nine pairs of shoes is completely different to think about the beautiful Barbie torque signature red Christian Louboutin Evening pumps based christianlouboutins-ireland.com .

  • pualnaln19920927

    Very good copy of the Replica Louis Vuitton will last longer and give a realistic effect of low-cost knock at rest does not have the capacity to give. These copies have been produced to provide concrete where he still works, which includes authentic merchandise, or contribute to a great deal possible. Is to determine whether or not the Louis Vuitton bags, you’re thinking about getting a reputation sufficient to satisfy the need to buy or not. a technique, or if replication is not only a big enough can be displayed within the text. You can notify you if there are signs of poor opportunities for customization to run and lightly seeded or poorly glued pieces. Zip should be an organization and a good reputation as well. You can break the chains that pull at one point the Louis Vuitton Monogram Bags Sale is completely useless. It also shows signs such as the name of the letters the wrong way on the road and the belt is sown in the wrong replicalouisvuittonbagsale.com.

    Not just a little research for specific products like the stock you buy is the price worth it and will pass the current scenario for any occasion.

    Replica Louis Vuitton Handbags Sale can well be considered a great inclusion for the wardrobe. collection of shops are certainly great way for these scholarships. Surely whether an area you’re getting from the group, which is already a real LV in the list. When a loan is a collection you may well also shows the customer’s critical evaluations of the past and, because this is the understanding that they have had. This allows you to identify how their business is a way of being. It can also occur in a very legitimate Louis Vuitton purses catalogs and the types of displays which means they already know what to anticipate from the non-confidential Replica Louis Vuitton Bags replicalouisvuittonbagsale.com.

  • http://www.register-web-domain.in website registration india

    Great!  Well, I admire the precious time and effort you put into it, especially into useful articles you share here! It was very interesting.. 

  • pualnaln19920927

    one should be very careful when planning to purchase a pair of Prada ShoesShoes because of the large number of companies (both online and offline) selling cheap fake versions of the original shoesSome Telltale Signs that You are Not Getting Original Designer Shoes Following are some of the telltale signs that you are not getting original Designer ShoesUSA;• Shoe Box – A regular shoes customer will be able to spot a fake pair of shoes simple by looking at the shoe box since the Prada USADesigner Shoes shoe box is made or plastic rather than card board. Moreover, thePrada Shoes Saleshoe box does not have the brand name on the top; instead the Prada Designer Shoeslogo, model number and details and price are printed on one side of shoe box. If the Prada T-shirt On Sale Shoes Sale come in a shoe box that differs even slightly from the above mentioned description, you need to raise a red flag and demand value for your money.Intuition – Follow your gut feeling since a relatively unknown seller offering Cheap Cheap Prada Handbags SaleT-shirt Sale at a fraction of the original price is most likely a fraudulent business that will end up selling you a pair of fakeCheap Prada Wallets On SaleHandbags Sale that will be spotted from a mile awayfengyingpulanlan92. http://www.pradashoesusa.com

  • Simran

    Thanks for sharing these info with us! his is a great site. I really like it. Thank you for the site. May God bless you in all your works.SIMRAN

  • Pingback: jdietrich comments on "The A.I. Anxiety"